<?php
	require_once('global.php'); 
	include("includes/config.php");
	$submit=$_POST['submit'];	
	$ugid=$_POST['uid'];		
	$uid=$vbulletin->userinfo[userid];
	$uname=$vbulletin->userinfo[username];
	$uid=4;
	$usecurity=$_POST['usecurity'];	
	if(@$uid==""){
		echo "<xmls><uflag>0</uflag></xmls>";
	}else{
		if($submit=="Login"){		
				Login($uid,$uname,$usecurity);
		}else	
		if($submit=="SendSecNumber"){
			$GameQuery=$_POST['query'];	
			mysql_query($GameQuery);
			echo "<xmls><uflag>1</uflag></xmls>";			
		}else
		if(!Checkusecurity($uid,$ugid,$usecurity)){	
			echo "<xmls><uflag>0</uflag></xmls>";						
		}else{
			switch($submit){
				case "CheckSec":				
					echo "<xmls><uflag>1</uflag></xmls>";
					break;
				case "DoQuery":
					$GameQuery=$_POST['query'];	
					mysql_query($GameQuery);	
					echo "<xmls><uflag>1</uflag></xmls>";
					break;
				case "Item":
					$ItemName=$_POST['ItemName'];
					$ItemEffect=$_POST['ItemEffect'];	
					$ItemValue=$_POST['ItemValue'];	
					mysql_query($GameQuery);	
					echo "<xmls><uflag>1</uflag></xmls>";
					break;
				default: echo "Nothing";					
			}
		}		
	}
	function Login($uid,$uname,$usecurity){
		$CheckUserQuery="SELECT * FROM twalk_user WHERE uid='".$uid."'";
		$CheckUserQueryResult=mysql_query($CheckUserQuery);	
		$CheckUserEvent="SELECT * FROM twalk_userevent WHERE uid='".$uid."'";
		$CheckUserEventResult=mysql_query($CheckUserEvent);	
		if(@mysql_num_rows($CheckUserQueryResult)==""){	
			$uflag=2;
			$InsertUser="INSERT INTO twalk_user (uid, uname) 
				VALUE (
				 '".$uid."'
				,'".$uname."'
				)";
			mysql_query($InsertUser);
			$CheckUserQuery2="SELECT * FROM twalk_user WHERE uid='".$uid."'";
			$CheckUserQueryResult2=mysql_query($CheckUserQuery2);
			if(@mysql_num_rows($CheckUserQueryResult2)!==""){				
				$InsertEevee="INSERT INTO twalk_pokemon (pid,uid,Name,Ability,Status,HP,Attack,Defense,SpAtk,SpDef,Speed,CurrentHP,Total,Move1,Move2,Move3,Move4) VALUE ( '133','".$uid."','Eevee','Adaptability','','80','80','80','80','80','80','80','480','QuickAttack','Growl','TakeDown','Bite')";	
				mysql_query($InsertEevee);	
				echo "<xmls><uflag>".$uflag."</uflag></xmls>";
			}else{
				$uflag=3;
				echo "<xmls><uflag>".$uflag."</uflag></xmls>";
			}
			if(@mysql_num_rows($CheckUserEventResult)==""){	
				$InsertUserEvent="INSERT INTO twalk_userevent (uid) VALUE ('".$uid."')";
				mysql_query($InsertUserEvent);	
			}
		}else{		
			$uflag=1;
			$User=mysql_fetch_object($CheckUserQueryResult);
			echo "<xmls>";
			echo "<uflag>".$uflag."</uflag>";
			echo "<leadpkm>".$User->leadpkm."</leadpkm>";
			echo "<uid>".$uid."</uid>";
			echo "<uname>".$User->uname."</uname>";
			echo "<upmp>".$User->upmp."</upmp>";
			echo "<Map>".$User->Map."</Map>";
			echo "<Mile>".$User->Mile."</Mile>";
			echo "<eventlist>";
			$Event=mysql_fetch_array($CheckUserEventResult)	;			
			$countEvent = count($Event)/2;
			for ($i = 0; $i < $countEvent; $i++) {			
				echo "<evt>".$Event[$i]."</evt>";
			}			
			echo "</eventlist>";			
			$PkmQuery="SELECT * FROM twalk_pokemon WHERE uid='".$uid."' LIMIT 6";
			$PkmQueryResult=mysql_query($PkmQuery);	
			echo "<lpkm>";
			while($Pokemon=mysql_fetch_object($PkmQueryResult)){
				echo "<pkm>";
				echo "<upid>".$Pokemon->upid."</upid>";
				echo "<pmod>".$Pokemon->pmod."</pmod>";
				echo "<Name>".$Pokemon->Name."</Name>";
				echo "<Status>".$Pokemon->Status."</Status>";
				echo "<Ability>".$Pokemon->Ability."</Ability>";
				echo "<HP>".$Pokemon->HP."</HP>";
				echo "<Attack>".$Pokemon->Attack."</Attack>";
				echo "<Defense>".$Pokemon->Defense."</Defense>";
				echo "<SpAtk>".$Pokemon->SpAtk."</SpAtk>";
				echo "<SpDef>".$Pokemon->SpDef."</SpDef>";
				echo "<Speed>".$Pokemon->Speed."</Speed>";
				echo "<CurrentHP>".$Pokemon->CurrentHP."</CurrentHP>";
				//echo "<MaxAttack>".$Pokemon->MaxAttack."</MaxAttack>";
				//echo "<MaxDefense>".$Pokemon->MaxDefense."</MaxDefense>";
				//echo "<MaxSpAtk>".$Pokemon->MaxSpAtk."</MaxSpAtk>";
				//echo "<MaxSpDef>".$Pokemon->MaxSpDef."</MaxSpDef>";
				//echo "<MaxSpeed>".$Pokemon->MaxSpeed."</MaxSpeed>";
				echo "<Total>".$Pokemon->Total."</Total>";
				echo "<Move1>".$Pokemon->Move1."</Move1>";
				echo "<Move2>".$Pokemon->Move2."</Move2>";
				echo "<Move3>".$Pokemon->Move3."</Move3>";
				echo "<Move4>".$Pokemon->Move4."</Move4>";
				echo "</pkm>";
			}
			echo "</lpkm>";			
			$ItemQuery="SELECT * FROM twalk_useritem WHERE uid='".$uid."'";
			$ItemQueryResult=mysql_query($ItemQuery);
			echo "<litem>";
			while($Item=mysql_fetch_object($ItemQueryResult)){
				echo "<it>";
				echo "<iid>".$Item->iid."</iid>";
				echo "<Code>".$Item->Code."</Code>";
				echo "<NumberOf>".$Item->NumberOf."</NumberOf>";
				//echo "<Name>".$Item->Name."</Name>";
				//echo "<Effect>".$Item->Effect."</Effect>";
				//echo "<Type>".$Item->Type."</Type>";			
				echo "</it>";
				}
			echo "</litem>";			
			echo "</xmls>";
		}
	}
	function Checkusecurity($uid,$ugid,$usecurity){
		if($ugid!=$uid) return false;
		$GetSecurityQuery="SELECT * FROM twalk_user WHERE uid='".$uid."'  AND usec='".$usecurity."'";
		$GetSecurityResult=mysql_query($GetSecurityQuery);	
		if(@mysql_num_rows($GetSecurityResult)=="") return false;
		return true;
	}
	function DoQuery($uid,$ugid,$GameQuery){
		if(Checkusecurity($uid,$ugid,$usecurity)){
			mysql_query($GameQuery);	
			echo "<xmls><uflag>1</uflag></xmls>";
		}else{
			echo "<xmls><uflag>0</uflag></xmls>";
		}
	}
?>

